Product Overviewβ
Nxgen VPN is a fully managed secure connectivity solution that bridges your customers' surveillance environments β NVRs, cameras, recorders, and edge devices β with Nxgen's cloud and operations infrastructure. Purpose-built for surveillance integrators and MSPs, it eliminates the complexity of designing, operating, and troubleshooting VPN infrastructure, so your team can focus on delivering service rather than managing network plumbing.
Key Benefitsβ
- Zero infrastructure burden β Nxgen manages all VPN operations centrally
- Always-on remote access to customer NVRs, cameras, and edge devices
- Faster incident response β authorized operators connect instantly to any site
- Optimized for low-latency video traffic across surveillance environments
- Flexible deployment across cloud, branch, and on-premise environments
- Multi-protocol support adapts to existing customer infrastructure
- NAT support handles overlapping or customer-specific IP addressing
- Scalable architecture supports high-volume multi-customer deployments
Primary Use Casesβ
- Connect customer NVRs and recorders to Nxgen-managed environments
- Secure communication with cameras and edge devices inside customer networks
- Remote troubleshooting and support access by authorized Nxgen operators
- Centralized access to multiple customer sites via a single VPN client
- Hybrid networking across cloud, branch, and on-premise surveillance sites
- Managed VPN for MSPs and integrators serving multi-tenant environments
| Metric | Value |
|---|
| Uptime SLA | 99.95% (AWS IPsec) |
| Typical Tunnel Latency | < 70ms |
| VPN Throughput | 1 Gbps+ per tunnel |
| Encryption Standard | AES-256 |
VPN Connectivity β Primary Protocolsβ
OpenVPN (Primary Protocol)β
- Industry-standard SSL/TLS-based VPN
- Split tunnel β reduces unnecessary backhaul
- Operator PC client access (CloudConnexa)
- Ideal for remote access & multi-site connectivity
- Flexible port configuration (TCP/UDP)
IPsec (Primary Protocol)β
- High-performance site-to-site tunnelling
- Route-based & AWS Site-to-Site VPN support
- BGP and static routing compatible
- Hardware-accelerated AES-256 encryption
- Best for branch and on-premise integrations
Also Supportedβ
- WireGuard β Ultra-lightweight modern VPN protocol, ideal for performance-constrained edge devices
- Meraki VPN β Native integration for Meraki-based customer deployments
Operator VPN Access β Built-In Remote Reachβ
Nxgen provides OpenVPN client accounts for authorized operators, giving your team secure access to customer NVRs, recorders, and cameras from any location β without exposing those systems to the public internet. This means faster issue resolution, lower support costs, and a better service experience for your customers β all through a single, centrally controlled access layer.
Technical Specificationsβ
| Specification | Details |
|---|
| VPN Throughput | Up to 1 Gbps+ per tunnel (protocol and infrastructure dependent) |
| Encryption Overhead | Minimal β hardware-accelerated AES-256 via AWS infrastructure |
| Tunnel Latency | Typically < 70ms; varies by customer site geography |
| Concurrent Tunnels | Scalable β multiple concurrent site-to-site and operator tunnels supported |
| Video Traffic Handling | Optimized for continuous H.264/H.265 surveillance streams; split tunnel reduces unnecessary backhaul |
| Packet Loss | < 0.5% target under normal operating conditions |
Supported VPN Protocols & Connectivityβ
| Specification | Details |
|---|
| VPN Protocols | OpenVPN, IPsec, WireGuard, Meraki VPN |
| Connectivity Types | OpenVPN CloudConnexa, IPsec Route-Based VPN, AWS IPsec Site-to-Site, WireGuard, Meraki VPN |
| Operator Access | OpenVPN client-based PC accounts for authorized Nxgen personnel |
Authentication & Securityβ
| Specification | Details |
|---|
| Authentication Methods | Pre-Shared Keys (PSK), Certificate-Based Authentication |
| Encryption Standard | AES-256 across all supported VPN technologies |
| Access Control | Centrally managed by Nxgen β no customer systems exposed directly to the internet |
| Audit & Logging | Full access logs maintained β who accessed which device and when, supporting accountability and compliance reviews |
Routing & Trafficβ
| Specification | Details |
|---|
| Routing Models | Static Routing, BGP Dynamic Routing |
| Tunneling | Split Tunnel (OpenVPN) to minimize bandwidth usage; Full Tunnel available |
| NAT Support | Available β handles overlapping or customer-specific IP addressing |
| QoS / Prioritization | Traffic prioritization for surveillance streams configurable per deployment |
Availability & Resilienceβ
| Specification | Details |
|---|
| Routing Models | Static Routing, BGP Dynamic Routing |
| Tunneling | Split Tunnel (OpenVPN) to minimize bandwidth usage; Full Tunnel available |
| NAT Support | Available β handles overlapping or customer-specific IP addressing |
| QoS / Prioritization | Traffic prioritization for surveillance streams configurable per deployment |
Deployment & Infrastructureβ
| Specification | Details |
|---|
| Infrastructure | AWS-based VPN gateway |
| Deployment Models | Cloud VPN Gateway, Software-Based Virtual Appliance, Customer Router/Firewall/Endpoint Integration |
| Connected Environments | NVRs, Recorders, IP Cameras, Edge Devices, Customer Routers & Firewalls, Branch/On-Premise Sites |
| Onboarding Timeline | Typical deployment completed within 2β5 business days from engagement; complex multi-site rollouts scoped individually |
INTEGRATIONSβ
| Specification | Details |
|---|
| Cloud Platform | AWS Networking Environment |
| Vendor Integrations | Meraki-Based Deployments, OpenVPN CloudConnexa, Customer Firewalls & Routers |
Management, Monitoring & Operationsβ
| Specification | Details |
|---|
| Management Model | Fully managed by Nxgen operations team |
| Monitoring | Centrally operated β tunnel health, uptime, and performance monitored proactively |
| Reporting | Operational status reports available as part of managed service engagement |
| Support Model | Nxgen team handles ongoing operations, incident management, and escalation |
Getting Started β Typical Onboarding Processβ
Most deployments are live within 2β5 business days. Nxgen handles all VPN design and configuration β customers simply provide their network details.
- Discovery & Scoping β Nxgen reviews customer network topology, site count, and device requirements
- Design & Configuration β VPN architecture designed and configured β protocols, routing, NAT, and auth selected
- Testing & Validation β Tunnels tested end-to-end; latency, throughput, and failover confirmed
- Go-Live & Monitoring β Monitoring and support activated
Deployment & Architectureβ
| Infrastructure | AWS-based VPN gateway |
|---|
| Deployment Models | Cloud VPN Gateway, Software-Based Virtual Appliance, Customer Router/Firewall Integration |
| Connected Environments | NVRs, Recorders, IP Cameras, Edge Devices, Customer Routers & Firewalls, Branch/On-Premise Sites |
| Onboarding Timeline | Typical deployment within 2β5 business days; complex multi-site rollouts scoped individually |
Contact us to discuss deployment options for your environment.